Sunday, September 21. 2014

It was kind of amusing, when Snowden came forward and confirmed all the things I’d been telling my friends for years. They used to laugh at me – I was crazy, paranoid! – but now, no one thinks it’s crazy anymore. Well, OK – maybe they still think I am crazy, but they’re laughing a lot less.

I still tell them that privacy is a dead concept, and they still think I’m a bit crazy; a [recent paper](http://www.evernote.com/l/AAGvi459w5VJxqVQEiGszyCh3ldD-bN6jGE/) by Yan Michalevsky, Dan Boneh, and Gabi Nakibly once again shows that just because I’m crazy doesn’t mean I was wrong. As the paper’s abstract declares:

We show that the MEMS gyroscopes found on modern smart phones are sufficiently sensitive to measure acoustic signals in the vicinity of the phone. The resulting signals contain only very low-frequency information (<200Hz). Nevertheless we show, using signal processing and machine learning, that this information is sufficient to identify speaker information and even parse speech. Since iOS and Android require no special permissions to access the gyro, our results show that apps and active web content that cannot access the microphone can nevertheless eavesdrop on speech in the vicinity of the phone.

Tuesday, August 23. 2011

I had promised some time ago to post this, and am just now getting around to it – unfortunately, some of the content has been lost in the interim. Below is the only version of my review “A Person, a Painting, and a Play” from the TrekWest5 segment “Joey’s Culture Corner.”

On its surface, “Sunday in the Park with George” is a play about the birth of Pointillism – specifically, about the painting of “A Sunday Afternoon on the Island of La Grande Jatte” – but I think that this is Sondheim’s most deeply personal piece. It’s all about the cost of dedication to an ideal, and about the trade-offs we make every day. “Work is what you do for others – art is what you do for yourself!” decries one of the characters early in the play, and Seurat himself – who is clearly a stand-in for Sondheim – tells one of his critics “I do not paint for your approval”. Last year, Sondheim published the first of two volumes where he talks in depth about his musicals and their lyrics…I think it’s telling that the title he selected for this book is Finishing the Hat. While “Sunday in the Park” was not much of a critical success – and was a financial failure – it is one of only eight musicals to ever win the “Pulitzer Prize for Drama”. I give this musical the strongest possible positive recommendation. Probably my favorite thing about the musical is how Sondheim incorporated the musical technique of “Pointillism” – see the musical number Color and Light for an excellent example.

The painting, “A Sunday Afternoon on the Island of La Grande Jatte” is probably my favorite painting NOT by Monet, and is probably the most famous example of Pointillism. The painting is 6’10” x 10’1” – a MASSIVE work, it took more than two years to finish. An absolutely fascinating principle of Pointillism is that it uniquely engages the brain in a behaviour known as “Neuroplasticity”, which refers to the ability of the human brain to change as a result of one’s experience. In his 2003 book The Mind and the Brain: Neuroplasticity and the Power of Mental Force, Jeffrey Schwartz wrote:

If your mind has been primed with the theory of pointillism…then you will see a Seurat painting in a very different way than if you are ignorant of his technique. Yet the photons of light reflecting off the Seurat…are identical to the photons striking the retina of a less knowledgeable viewer.

Seurat himself, and his impact on the world at large, is nothing less than astounding. There are very few places in this world today we can turn without seeing the influences of the theory behind divisionism and pointillism – film and photos, televisions and computer monitors, airbrushes and spray paint, digital cameras and cell phone screens – these all operate on the same basic principles of pointillism. The theories of color and vision that were explored in the work of Seurat and his contemporaries have had a profound effect on every part of our modern world.

So – Georges Seurat, “A Sunday Afternoon on the Island of La Grande Jatte”, and Sondheim’s “Sunday in the Park with George” – I heartily endorse them all.

Tuesday, July 12. 2011

It took me a long time to figure this out, and I didn’t want it to end up locked in my head, so here’s a rough guide on how I managed to get a Pylons 0.9.7 project to do LDAP authentication. All of the below is done in config/middleware.py.

Trap ldap.INVALID_CREDENTIALS and return False when it is raised, or watch all invalid logins crash the server process

bind (and bind_s) return a tuple, if the first item in the tuple is int(97), the bind worked – otherwise, they might have bound but as an anonymous user, and we need to fail

the second item in that tuple is a list of messages from the server – I’m not handling those at all today, because in the sole case we’re interested in (97, or “auth”), the messages appear to be blank in our environment – there’s no reason to believe this is consistent, and I should probably research this further at some point to provide meaningful feedback to the user on failed auth.

You can’t touch the session from within the WSGI middleware layer

All of this was done because a new server in our datacenter doesn’t have packages for the old build of Apache that we used to configure our LDAP auth back in the day. I’m actually quite pleased at how the new system works, and am glad to be rid of that Apache+PHP millstone that’s been lurking as a dependency in all of our Pylons projects simply for the LDAP authentication solution.
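The bind checks listed above, as an added example that is not the author's middleware code: `ldap_password_ok`, `FakeConn` and `demo` are hypothetical names, the use of `simple_bind_s` rather than `bind_s` is an assumption, and the directory entry is constructed. It also refuses empty passwords up front, since a simple bind with an empty password is an unauthenticated bind that many servers answer with success.

```python
try:
    import ldap                          # python-ldap
    InvalidCredentials = ldap.INVALID_CREDENTIALS
    RES_BIND = ldap.RES_BIND             # 97, the bind response type
except ImportError:                      # stand-ins so the demo runs without python-ldap
    class InvalidCredentials(Exception):
        pass
    RES_BIND = 97


def ldap_password_ok(conn, user_dn, password):
    """Return True only if the server accepted a bind with real credentials."""
    # Refuse empty DN/password before contacting the server: that request
    # would be an anonymous or unauthenticated bind, not a login.
    if not user_dn or not password:
        return False
    try:
        result = conn.simple_bind_s(user_dn, password)
    except InvalidCredentials:
        # Uncaught, this exception would take down the request (or process).
        return False
    # First tuple item must be the bind response code (97).
    return bool(result) and result[0] == RES_BIND


class FakeConn(object):
    """Constructed stand-in for the object returned by ldap.initialize()."""
    def __init__(self, directory):
        self.directory = directory
        self.bind_calls = 0

    def simple_bind_s(self, who, cred):
        self.bind_calls += 1
        if self.directory.get(who) != cred:
            raise InvalidCredentials({"desc": "Invalid credentials"})
        return (RES_BIND, [])


def demo():
    dn = "uid=alice,ou=people,dc=example,dc=org"   # constructed entry
    conn = FakeConn({dn: "s3cret"})
    return [ldap_password_ok(conn, dn, "s3cret"),  # good password
            ldap_password_ok(conn, dn, "wrong"),   # server rejects
            ldap_password_ok(conn, dn, ""),        # never sent to the server
            conn.bind_calls]
```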

Thursday, December 2. 2010

As most of you know, December 2nd is Peter Nash Day. I thought I’d share some of the photos that are pouring in from around the world demonstrating how Peter Nash Day is celebrated – feel free to add a link to your own Peter Nash Day celebration photojournal in the comments! More will be added as they come in, so keep watching this space.

Tuesday, October 5. 2010

I have a project at work where we are using Pylons/paster as the web service provider. One of the “clients” of this service is written in Flex/Flash, and had as a component the AlivePDF AS3 library for generating a static PDF of the Flash content.

Unfortunately, because Flash cannot save content locally, in order to actually GET this PDF content back to the user, AlivePDF posts a byte array to the service and expects the service to bundle that as a PDF and send it back. They provide a “content.php” file as an example – which, frankly, is some pretty inscrutable code until you manage to figure out what it’s working around. So when one of my employees (the one who selected AlivePDF in the first place) sent me the PHP file, it took as long to understand what he wanted as it did to come up with a Pylons solution. You can find the latter bit below – replace ${service} and ${controller} with your actual values throughout, and trim the ellipses (they are there to indicate there may be additional context on either side of the line I’m giving you):

${service}/config/routing.py:

```python
def make_map():
    …
    # put this before the default routes, if you have any
    map.connect('/${controller}/create.php', controller='${controller}', action='pdf')
    …
```

Tuesday, August 31. 2010

If you have been using SSL or SSH to access any of your joeysmith.com, hashphp.org, or homestarmy.com services, please be aware that our previous certificates and keys have expired. I have generated a new one, and your software should prompt you on connect to approve the certificate/key.

Friday, April 30. 2010

I’ve recently been reading through SQL and Relational Theory by C.J. Date, who was deeply involved in the original formulation of the relational model. Working my way through the book, I discovered that O’Reilly and Associates have also produced a series of videos where Date lectures on the content of the book, and I’ve really been enjoying it. You can purchase them outright for about $300 USD, or you can subscribe to one month of Safari via their “Library” plan for ~$43 and stream them from there. All together, the videos run just over 16.5 hours – here’s a breakdown of the topics and the durations.

Friday, October 16. 2009

If you listen to the TrekWest5 podcast, you know we’ve been promoting the podiobook trilogy "7th Son" for some time now. I’m really glad to announce that as of Oct. 27th, you’ll be able to buy this book in print (in fact, you can preorder it now). To quote the email JC sent me:

This is huge news for me (the trilogy was also optioned for film development by Warner Bros.), and for podcasting. Considering that 7th Son was rejected by dozens of publishing pros before I released it as a podcast, we have accomplished something extraordinary with its publication.

To celebrate the release, he’s announcing a number of new promotions that I wanted to make all of you aware of:

Friday, August 21. 2009

Came across this meme on a friend’s blog, and it sounded kind of interesting, so I thought I’d give it a try.

The rules, as I got them, are as follows:

Put your music player on shuffle

Press forward for each question

Use the song title as the answer

NO CHEATING!!! What you get is what you get!

I’m more than a little bit disturbed by the pattern that began to develop as the experiment wound on…fortunately, I can point it all to the fact that I didn’t have very much music loaded on my ipod when I did this, so maybe I can try it again later with a broader selection of my music and it will end up feeling a bit less like my ipod is trying to question my sexual orientation.

Tuesday, July 28. 2009

I don’t think I’ve kept secret my admiration for what Jeff Atwood does over at codinghorror.com. One of his most recent entries really appealed to me.

One of the (many) unfortunate side effects of choosing a career in software development is that, over time, you learn to hate software. I mean really hate it. With a passion. Take the angriest user you’ve ever met, multiply that by a thousand, and you still haven’t come close to how we programmers feel about software. Nobody hates software more than software developers. Even now, writing about the stuff is making me physically angry.

He quotes an interview where someone suggests that “One bad programmer can easily create two new jobs a year.” Having recently discussed a tangential subject with my TrekWest5 co-host, Peter, and given my on-going involvement in Freenode’s ##PHP channel, I’ve been thinking a lot about this issue. Once upon a time (in the early 90’s), there was an attempt by a group known as advogato to provide web-of-trust like metrics to certify a programmer’s skill. Given the explosion of social networking in the intervening period, I’m wondering if any of you have ideas on how we can really bring some muscle to bear on this?

Saturday, July 18. 2009

Reading this article on “rootkits” for JavaScript has really got me thinking about the kind of evil you could do by poisoning the base datatype Prototypes in a JavaScript environment. I recommend you read it if you do a lot of work with JavaScript.

Google Releases ‘Remote Desktop’ Software Based on NX

NX is an attempt to make the Unix X Windows system a more viable solution for remote desktop display. When Google announced their upcoming Chrome OS operating system, a lot of people were trying to figure out what their new display system would be – the common thinking now is that it will probably be this NX implementation.